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(57) Abstract 

A security system for a computer (10) having at least one communications port (12) for connection to peripheral devices, 
includes a card reader (14). A switching means (22) connected to the card reader and connectible to the communications port, is 
operable to connect the card reader to the communications port in response to a command including protected routines which 
generate said command to cause the switching means to connect the card reader to the communications port. Suitable software 
compares data from a card read by the card reader with authorisation data held in the computer, to enable or disable further op- 
eration of the protected routine(s). 
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1 

COMPUTER SECURITY SYSTEM 

This invention relates to a means of restricting 
access to computer files. 
5 The large amount of confidential data on files held by 

many computers and the expense involved in accessing 
outside data systems via a modem, makes it imperative to 
ensure that access to such data and systems is restricted 
to certain authorised users. At present one of the usual 

10 methods of restricting access involves entering a code via 
the keyboard. However, as the computer must contain a 
program which recognises the code, an expert can gain entry 
to the data files by calling up and then modifying the 
program. It is also possible to provide a mechanical lock 

15 system, but this is not a practical means of controlling a 
variety of levels of authorised access to given types of 
data or peripherals. 

According to the present invention there is provided 
a security system for a computer having at least one 

20 communications port for connection to peripheral devices; 
the system having a card reader; switching means operable 
to connect the card reader to the communications port in 
response to a command including protected routines which 
generate said command to cause the switching means to 

25 connect the card reader to the communications port; and 
means for comparing data from a card read by the card 
reader with memorised authorisation data to enable or 
disable further operation of the protected routine. 

Preferably, the switching means operates to connect 

30 the card reader and a peripheral device alternatively to a 
single communications port. 

In a particularly preferred form, the switching means 
is comprised in an adapter package which includes a plug 
for connection into a communications port socket, a socket 

35 for receiving a peripheral device plug, and a cable 
connection to a stand-alone card reader. 
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Preferably, said computer is an IBM personal computer 
(or compatible) having a hard disk drive, and the usual 
serial communication port. 

The card reader is preferably a swipe reader, having 
5 two of the three standard outputs i.e. CLOCK negative logic 
and DATA negative logic. These two outputs connect to two 
inputs in the computer via the switching means. The inputs 
in the computer (which usually connect with two data set 
inputs) may thus be controlled by the switch means, which 
10 in turn is controlled by the software system. 

The software system may be made up of various files 
e.g. a system file, an installation file and a utility 
file. These allow access to the computer when the card is 
used at various levels of security. 
15 The software system controls the switch means by 

setting output levels and monitoring input signals by 
polling the input signals and processing the changes as the 
card is swiped. It is possible to use interrupts instead 
of polling. 

20 The above system may be used with the usual 

communication port uses e.g. to modem, mouse or serial 
printer . 

In order to ensure that the security software cannot 
be circumvented, access to floppy disc drives on the 

25 computer is preferably prevented. This may be achieved by 
inserting a circuit board between the computer's main 
system board and the floppy disc drive, to intercept the 
disc control signals and prevent access to the disc drive 
until a specified control sequence is received on the disc 

30 drive interface from the controlling software. This 
control sequence is arranged to be sent only once the user 
has been authenticated on the system. An embodiment of 
the invention will now be described by way of example, with 
reference to the accompanying drawings, in which: 

35 Fig. i is a perspective view of a computer system; 
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Fig. 2 is a block diagram of the compyter system 
illustrating a card reader and adapter used in the system 
of the invention; and 

Fig. 3 is a block diagram of the circuitry of the 
5 adapter . 

The preferred embodiment makes use of an IBM PC (or 
compatible computer) 10 having a communications port socket 
12 and a floppy disk drive 102 , and a card reader 14. The 
card reader 14 is permanently wired by cable 19 to an 
10 adapter 16 which has a plug 18 for engagement in the 
communications port socket 12 and also has a similar socket 
2 0 into which any desired peripheral device (not shown) may 
be connected . 

The card reader 14 is a standard swipe reader meeting 
15 ISO 3554 track two standard; it requires 0 volt and 5 volt 
electrical supplies and its outputs are:- 

1. CARD PRESENT negative logic. 

2. CLOCK negative logic. 

3 . DATA negative logic . 

20 The way that data is retrieved in all systems 

employing such readers is that data is formed by the data 
signal being present or not during a 'clock 1 signal 
transition from high to low. Each transition is one bit 
and 5 bits equal one digit plus parity, the lower 4 bits 

25 equal a binary coded decimal number. The 'card present' 
signal signals the start and end of the card information. 
The system described here uses only CLOCK and DATA signals. 

In order to ensure that the security software cannot 
be circumvented, access to the floppy disc drive 102 in the 

3 0 computer is prevented by means of a circuit board 28 
inserted between the computer's main system board 104 and 
the floppy disc drive 102, to intercept the disc control 
signals and prevent access to the disc drive until a 
specified control sequence is received on the disc drive 

3 5 interface from the controlling software. This control 
sequence is arranged to be sent only once the user has been 
authenticated on the system. For this purpose a single GAL 
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chip is used on the circuit board to intercept the control 
signals and to decode the enable sequence. The GAL chip 
may include a security fuse to ensure that its contents 
cannot be read out. Once the enable or disable signal is 
5 received, the GAL does not respond to any further commands. 
This stops experimentation by potential hackers. 

Referring to Pig. 3, the IBM PC or compatible serial 
communication port 12 (termed COM 1 to COM 4) has 3 outputs 
and 5 inputs which are used to connect to data set 

10 equipment. To allow the card CLOCK and DATA signals to 
connect to two inputs, the adapter 16 has an electronic 
switch 22 which is employed to disconnect two data set 
inputs and connect the two card signals. The switch 22 is 
activated by the PC setting two of its outputs to a level 

15 which is inconsistent with normal data set equipment, i.e. 
Request To Send (RTS) signal = OFF and Transmit (TX) signal 
= ON. This condition is sensed by switch logic 24 to 
operate switch 22, thus connecting the card signals to the 
inputs Carrier Detect (CD) and Clear To Send (CTS) . 

2 0 The 5 volt power requirement for the card reader 14 

and the electronic switch 22 is derived from the output 
signal Data Terminal Ready (DTR) via a voltage regulator 
26. The input signals for the card reader, CTS and CD, 
could be any input except Receive (RX) . It is the function 
25 of a software driver program SECURITY. SYS to activate the 
switch by setting the defined output levels and to monitor 
inpu£ signals by polling the input signals and processing 
the changes as the card is swiped. It is possible to use 
interrupts instead of polling. 

3 0 It will be appreciated that in normal use of the 

computer, the communications port operates normally with 
any peripheral device connected to the adapter socket 20. 
It is only when the software calls for a security 
verification by setting RTS = OFF and TX = ON that the 
35 peripheral is disconnected and the card reader 14 is 
connected. 
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The card itself may contain a total of 40 digits. The 
first digit and the last two digits are start sentinel, end 
sentinel and check digit respectively, leaving 37 digits 
which the software driver passes to a CARD CHECK program. 
5 The digits are used to identify a particular user. Data is 
held on the computer to define the following items for each 
user:- 

1. Card Number 

2. Privilege Level Number 
10 3. User Name 

4 - PUN requirement 
5. Floppy drive access permission 
where the following definitions are used: 

CARD NUMBER: Any time the CARD CHECK program is called, 
15 it will not allow the user to continue 

unless this number on the card matches an 
entry in a preprogrammed table of numbers. 
As the CARD CHECK program is called at 
'power up 1 , only specified cards can enable 
20 the system to operate. 

USER GROUP No: After 1 power up 1 , PCs and compatibles are 

capable, through the AUTOEXEC.BAT file, of 
executing one application directly, without 
input from the user. The program CARD 
25 CHECK, when used in an AUTOEXEC.BAT file, 

return an ERROR LEVEL number equal to this 
number to the AUTOEXEC.BAT file. It is 
possible to process this number to execute 
one of 9999 applications directly from 
3 0 ' power up ■ . 

PRIVILEGE LEVEL NO: Its main function is to provide the 

ACCESS LEVEL to a program/ file which 
has been LOCKED using a utility 
program LOCK . COM . Programs / files 

35 which have been LOCKED are not usable 

(even when copied) unless the DRIVER 
returns a PRIVILEGE LEVEL equal to or 
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higher than that applied to the 
program/file when LOCKED. It is also 
used to restrict access to the user 
setup program. 

5 PUN Requirement: This defines whether or not a PUN is 

required for this user. Using the 
card and a MACHINE KEY NUMBER (pre- 
programmed) , an algorithm produces a 
four digit PERSONAL USER NUMBER. The 
10 CARD CHECK program can ask the user to 

input this PUN and a comparison is 
made before returning to the 
application. This feature may also be 
a KEY to unLOCK programs /files which 
15 have this key applied when LOCKED. 

The software module is installed in the computer 
memory at 1 power up 1 through the CONFIG.SYS file and 
communicates with the card reader on • power up 1 and on 
request by an application. The software may comprise a 
20 number of files, for example a system file; an installation 
file and various utility files. These may be made up and 
operate as follows: 

System file : SECURITY. SYS 

Installation file : INSTALL.COM 
25 Utility files : CARD.COM 

CARD2 . COM 

INCARD.COM 

PUNCARD.COM 

LOCK.COM 

3 0 UNLOCK.COM 

SECURITY. SYS: This is a system file (DRIVER) which is 

loaded from the CONFIG.SYS file at 'power 
up 1 . This software accepts a request via a 
DOS interrupt and returns card data to the 

35 calling program when the request has been 

executed. Valid requests are:- 
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10 



15 



INSTALL.COM: 



20 



25 



CARD.COM: 



3 0 CARD2.COM: 



INCARD.COM: 



3 5 PUNCARD.COM: 



1. Return card data from the last card 
input . 

2. Return card data from a new valid 
card input. 

3. Ask for PUN on the last card input 
and return card data if the PUN is 
valid. 

4. Ask for the PUN on a new valid card 
input and return card data if both the 
card and PUN are valid. 

5 • As in request 4 , but returns 
without checking the PUN and with the 
PUN appended to the card data . 

(A valid card is defined as having the 

correct User Group ID.) 

This program allows the user to define the 
USER GROUP IDENTITY NUMBERS and insert them 
into the DRIVER prior to installing on the 
hard disk. It also allows the MACHINE KEY 
NUMBER to be input and also the facility to 
disable a PUN input at power up. A view 
facility allows the user to view details on 
a driver already installed on disc and to 
create PERSONAL USER NUMBERS relative to a 
MACHINE KEY NUMBER. 

A program which/ when used in a batch file, 
will return an ERROR LEVEL number equal to 
that defined as the BATCH NUMBER on the 
last card input. 

As defined in CARD.COM but returns the 
PRIVILEGE LEVEL NUMBER as the ERROR LEVEL. 
A program which requires the input of a new 
card before returning an ERROR LEVEL as 
defined in CARD.COM. 

As defined in CARD.COM but requires the 
input and validation of a PERSONAL USER 
NUMBER before returning. 
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8 

LOCK- COM: This program will alter fILes with the 

extension .EXE or • COM making them usable 
in an environment without a 'PC 
SECURITY. SYS" system installed. In 1 

5 addition it tags the file with a PRIVILEGE 

LEVEL number and KEY. The KEY the file * 
with defines how to derive the user's 
PRIVILEGE LEVEL when the program is 
executed. 

10 Security level: 

KEY 01 - from last card input 

02 - from a new card input 

03 - from last card when valid PUN 

input 

15 04 - from a new card when valid PUN 

input 

The program will execute only when the 
user's security level is equal to or higher 
than that on the TAG. 
20 UNLOCK.COM: Restores locked files to their original 

form. 

Other file arrangements may be used. Detailed 
implementations of software for carrying the invention into 
effect will be readily apparent to those skilled in the 
25 art. 

The invention thus allows a conventional computer to 
be modified in a simple manner to provide a system with a 
high degree of security which may operate in a versatile 
manner . 

30 

« 

i 
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CLAIMS 

1. A security system for a computer (10) having at least 
one communications port (12) for connection to peripheral 

5 devices, the security system comprising: 
a card reader (14); 

switching means (22) connected to the card reader and 
connectible to the communications port, the switching means 
being operable to connect the card reader to the 

10 communications port in response to a command including 
protected routines which generate said command to cause the 
switching means to connect the card reader to the 
communications port; and, 

means for comparing data from a card read by the card 

15 reader with authorisation data held in the computer, to 
enable or disable further operation of the protected 
routine . 

2. A system according to claim 1, wherein the switching 
20 means (22) operates to connect the card reader and a 

peripheral device alternatively to a single communications 
port (12) . 

3. A system according to claim 1 or claim 2, wherein the 
25 switching means (22) is provided in an adapter (16) which 

includes a plug (18) for connection to a communications 
port socket (12) , a socket (20) for receiving a peripheral 
device plug, and a cable connection (19) to the card 
reader . 

30 

4. A system according to any of claims 1 to 3, wherein 
the card reader is a swipe reader having two of the three 
standard outputs i.e. CLOCK negative logic and DATA 
negative logic, the two outputs connecting, in use, to two 

35 inputs in the computer via the switching means, whereby the 
inputs in the computer (which usually connect with two data 
set inputs) may be controlled by the switch means. 
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10 

5. A system according to any of claims 1 to 4, wherein 
the means for comparing data from a card read by the card 
reader with authorisation data held in the computer, 
comprises software held, in use, in the computer. 

5 

6. A system according to any of claims 1 to 5, further 
including means (28) for preventing access to floppy disc 
drives on the computer, the means comprising a circuit 
board insertable between the computer 1 s main system board 

10 (30) .and its floppy disc drive (32), to intercept the disc 
control signals and prevent access to the disc drive until 
a specified control sequence is received on the disc drive 
interface from the controlling software. 

15 7. A computer system (10) having at least one 
communications port (12) for connection to peripheral 
devices, and including a security system according to any 
of claims 1 to 6. 



« 

i 
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